Impact When opening a form in Valtimo, the access token (JWT) of the user is exposed to api.form.io via the x-jwt-token header. An attacker can retrieve personal information from this token, or us ...
May 13, 2024
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fbc2c629-0dc5-11ef-9850-001b217b3468 advisor ...
May 12, 2024
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: GitLab reports: ReDoS in branch search when using wildcards; ReDoS in markdown render pipeline; ReDoS on ...
May 12, 2024
The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encry ...
May 11, 2024
An update is available for python-jwcrypto. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vu ...
May 10, 2024
A malicious actor may be able to extract a JWT token via a malicious "/command" request. This is a form of cross site scripting...
May 10, 2024